RealNetworks is warning customers about a[url=http://service.real.com/help/faq/security/050224_player/EN/] security vulnerability[/url] in its RealPlayer and RealOne Player software that could allow an attacker to run malicious code on a machine using an affected version of the popular media player programs.

The company issued a [url=http://service.real.com/help/faq/security/050224_player/EN/]software patch[/url] this week to fix the holes--which could allow attackers to use specially crafted SMIL (Synchronized Multimedia Integration Language) files to create buffer overflows on vulnerable systems--and is encouraging customers to upgrade or patch their software.